Staff & roles
Invite team members and assign roles. Only super admins can manage staff.
Role permissions
What each role can access. Enforced server-side via the staff role on every privileged edge function.
SUPER ADMIN
Everything: pricing, staff, payouts, growth config, audit. The owner.
ADMIN
All operations except staff management and dangerous settings.
FINANCE
Payouts, partner earnings, promo codes, pricing. No staff control.
EDITOR
Blog/content, services catalog copy. No money or user data.
SUPPORT
View users & orders, issue refunds within limits. Read-mostly.
Audit log
Every privileged action, recorded. Append-only — coda.audit_log.
| When | Actor | Action | Target |
|---|---|---|---|
| Jun 14 19:02 | Amaka O. | payout.approve | partner GLABS · $48.20 |
| Jun 14 14:30 | CA Michael | pricing.update | global → ×1.25 +$0.15 |
| Jun 13 11:15 | CA Michael | staff.invite | david@ekrpt.com (support) |
| Jun 12 09:48 | Amaka O. | promo.create | code CODA5 |